Senior IT Internal Auditor

About the position

The Senior Internal Auditor is responsible for performing risk-based Information Technology audits including evaluating risks (external & internal threats, platform & application vulnerabilities, data protection, etc.), testing controls designed to mitigate risk, communicating issues and findings to management, consulting to identify business or technology improvements, and following-up on corrective actions.

Responsibilities

• Execute risk-based compliance audits.
• Perform SOX IT audit work over Information Technology General Controls (ITGCs), application controls, and key reports.
• Prepare well-documented and organized workpapers that facilitate the reviewer's understanding of source of data, program steps and rationale for testing, results and effectiveness of controls.
• Communicate audit findings and SOX deficiencies to management.
• Develop and assist in the implementation of recommendations to improve internal controls and operating processes.
• Utilize and understand IT frameworks (e.g. CIS Controls Framework, COBIT, ISO 27000, GAPP, SANS, NIST) in the performance of audit work.
• Execute risk-based operational audits.
• Perform IT and operational audits as outlined in the approved annual Internal Audit plan.
• Conduct audits / special assignments that review IT systems and IT processes/procedures to ensure the company is effectively utilizing and controlling its IT environment.
• Auditing the activities of various departments for compliance with plans, policies, and procedures prescribed by management and/or external agencies.
• Collaborate with operational audit team members to perform integrated business processes and technology audits.
• Communicate audit issues and related recommendations to management.
• Draft audit reports that provide an accurate assessment of the audit area and recommend feasible solutions to problems identified.
• Maintain up-to-date knowledge of SOX compliance guidelines and interpretations.
• Act as a liaison with the external auditors and support their initiatives (e.g., year-end fieldwork).
• Attend training and keep current on continuing professional education requirements.
• Work to implement methods and systems that increase the effectiveness of the Internal Audit function (e.g. data analytics).

Requirements

• Bachelor's degree in accounting, Finance, Information Systems, or Computer Science.
• 3+ years of corporate experience; internal auditing or public accounting experience strongly preferred.
• CISA, CIA, CISSP, or CPA certification strongly preferred.
• Limited travel required (0-10%).
• Understanding of IT internal auditing, GAAP, PCAOB standards, SOX compliance, CIS Controls Framework, PCI DSS, SSAE-16, and the COBIT & COSO frameworks.
• Excellent communication skills, both oral and written; able to express complex ideas in simple terms; strong analytical and quantitative skills; ability to rapidly assimilate knowledge of processes and systems.
• Proficiency in ACL software preferred.
• Experience auditing PeopleSoft Financials and SAP preferred.

Benefits

• Salary range: $90K - $110K plus bonus
• Remote work on Fridays